DEBIAN-CVE-2026-44240

basic-ftp is an FTP client for Node.js. Prior to 5.3.1, basic-ftp is vulnerable to client-side denial of service when parsing FTP control-channel multiline responses. A malicious or compromised FTP server can send an unterminated multiline response during the initial FTP banner phase, before...

@activeboxes/piece-sftp (=0.2.6), @activepieces/piece-apify (=0.2.1) +25 more potentially affected by CVE-2026-39983 via basic-ftp (>=5.0.2 <=5.1.0)

basic-ftp NPM version =5.0.2, =0.2.6, =1.0.0, =1.0.0, =2.0.18, =1.9.2, =1.2.0, =4.6.0-blowfish, =1.0.3, =1.0.4, =0.1.1, =0.2.0 and more Source cves: CVE-2026-39983 Source advisory: SNYK:JS-BASICFTP-15953339...

CVE-2018-25254

CVE-2018-25254 affects NICO-FTP 3.0.1.19. The vulnerability is a structured exception handler (SEH) buffer overflow in the FTP service that allows remote code execution when an attacker sends crafted FTP commands. Attackers can connect to the FTP service and send oversized data in response handle...

Exploit for OS Command Injection in Vsftpd_Project Vsftpd

🧨 Metasploitable 2 Penetration Testing Lab 📅 Duration 2026...

@activeboxes/piece-sftp (=0.2.6), @activepieces/piece-apify (=0.2.1) +25 more potentially affected by CVE-2026-27699 via basic-ftp (>=5.0.2 <=5.1.0)

basic-ftp NPM version =5.0.2, =0.2.6, =1.0.0, =1.0.0, =2.0.18, =1.9.2, =1.2.0, =4.6.0-blowfish, =1.0.3, =1.0.4, =0.1.1, =0.2.0 and more Source cves: CVE-2026-27699 Source advisory: SNYK:JS-BASICFTP-15366428...

EUVD-2025-201922

A vulnerability has been identified in SINEC Security Monitor All versions V4.10.0. The affected application does not have proper authorization checks for the filetransfer feature in ssmctl-client command. This could allow an authenticated, lowly privileged local attacker to read or write to any...

EUVD-2012-5943

Malware in sbrugna...

EUVD-2016-1709

Malware in sbrugna...

EUVD-2020-27979

Malware in sbrugna...

EUVD-1999-1326

Malware in sbrugna...

EUVD-2003-0283

Malware in sbrugna...

EUVD-2007-1898

Malware in sbrugna...

EUVD-2009-3093

Malware in sbrugna...

EUVD-2014-3323

Malware in sbrugna...

EUVD-2019-17669

Malware in sbrugna...

EUVD-2018-18437

Malware in sbrugna...

Vulnerability fixed in CrushFTP

CrushFTP has fixed a vulnerability in versions 10 through 10.8.5 and 11 through 11.3.423. The vulnerability is located in CrushFTP's AS2 validation. This vulnerability allows an attacker to gain administrative access via HTTPS, especially when the DMZ proxy feature is not used. The vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2020-1934

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache HTTP Server 2.4.0 to 2.4.41, modproxyftp may use uninitialized memory when proxying to a malicious FTP server. CVE-2020-1934 Note that Nessus relies o...

The vulnerability of the graphical SFTP and SCP client for the Windows operating system, WinSCP, arises from incorrect path name restrictions for access-controlled directories. This allows attackers to create a special file and control its path on a remote server.

The vulnerability of the graphical SFTP and SCP client programs for the Windows operating system is related to incorrect path name restrictions for access to restricted directories. Exploiting this vulnerability allows an attacker to create a special file and control its path on a remote server...

CVE-2020-6835

An issue was discovered in Bftpd before 5.4. There is a heap-based off-by-one error during file-transfer error checking...